The disclosure and analysis of thousands of leaked telnet credentials paints a bleak picture of the state of IoT security. Johannes Ullrich of the SANS Internet Storm Center (ISC) put a security camera DVR online. He kept the experiment going for more than 45 hours, logging 36 million packets in the process. The results were equally disheartening, and paint a consistent and unimproving picture of overall insecurity of the internet of things, he said. As of last Friday, 1,775 of the 33,000 IPs still reachable, but that number is a relatively small blip.
Source: https://threatpost.com/telnet-credential-leak-reinforces-bleak-state-of-iot-security/127702/